On 25 June 2019, the Ethereum security team announced the “Solidity Storage Bug”, which was fixed with the help of a bug bounty hunter named Daenam Kim. Let’s look at what the bug was about and how Kim fixed it. Heads-up: this article is aimed at techies!
Solidity is a high-level object-oriented programming language which is used to build decentralized applications on Ethereum. With the help of Solidity, developers can write a Smart Contract on the Ethereum chain.
Programming languages like Solidity do their checking at runtime rather than compile time, which leaves room for bugs in the Solidity compiler. To find such flaws, the Ethereum Foundation runs a ‘Bug Bounty’ program, in which hackers earn rewards for finding vulnerabilities in the Ethereum platform.
Through this program, Ethereum received two flaw reports on the Solidity compiler. The Ethereum team mentioned that the glitch had been present in the Solidity compiler for a long time and that the security team discovered and fixed it recently.
[SECURITY] For Solidity smart contract developers – “Solidity Storage Array Bugs” blog post - https://t.co/jYlMlkQ92V — Ethereum (@ethereum) June 25, 2019
Details of the two Solidity bugs:
- Signed Integer Array Bug
- ABI Encoder V2 Array Bug
Signed Integer Array Bug:
An array is a collection of one or more values of the same type. Integer values can be of two types: signed and unsigned.
An unsigned integer array can hold large positive values but no negative values. A signed integer array, on the other hand, uses the leftmost bit to mark whether a number is positive or negative, so it can hold both positive and negative numbers.
In Solidity, if a developer deploys a contract that uses a signed integer array with at least one negative value, the result is data corruption (errors in computer data that occur during writing and storing) in the storage array.
This bug has been present since Solidity 0.4.7, and the updated version 0.5.10 contains the fix.
ABI Encoder V2 Array Bug:
In Solidity, ABI stands for Application Binary Interface. It is a data encoding scheme used in Ethereum for working with smart contracts.
If a developer deployed a contract using the experimental ABI Encoder V2, its array storage might be affected. In other words, programmers who use the following code in their contracts are affected.
pragma experimental ABIEncoderV2;
In addition to the code above, two other things are needed to trigger the bug:
- The data should contain an array of structs
- Storage data sent directly to an external function call
So, what’s the exact bug in ABIEncoderV2?
Encoding is the process of converting information or instructions into a particular form. ABIEncoderV2 fails to convert the next element in an array in single-slot storage.
This happens when the elements are statically sized arrays (memory allocated at compile time). The ABIEncoderV2 bug depends on the program flow, which means its effect differs depending on the developer's coding.
The latest version, Solidity 0.5.10, contains fixes for these bugs. The Ethereum security team also helps check whether a contract is vulnerable if it meets the conditions. You can mail them at [email protected]
“The 0.5.10 release contains the fixes to the bugs. At the moment, we do not plan to publish a fix to the legacy 0.4.x series of Solidity, but we might if there is popular demand.”
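A rough triage of the conditions listed above, as an added example that is not code from the Ethereum team or from this article: given a contract's source and the compiler release that built it, it reports signed integer arrays (0.4.7 up to, but not including, 0.5.10) and the ABIEncoderV2 pragma together with struct arrays. The function names, finding labels and sample contracts are assumptions made for illustration, and a regex hit only marks a contract for manual review.

```python
import re

FIXED = (0, 5, 10)        # release the article says fixes both bugs
SIGNED_SINCE = (0, 4, 7)  # signed integer array bug present since this release

def parse_version(text):
    """Turn '0.5.9' (or 'v0.5.9+commit...') into (0, 5, 9)."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"no x.y.z version in {text!r}")
    return tuple(int(part) for part in m.groups())

def strip_comments(source):
    """Remove /* */ and // comments so commented-out code is not counted."""
    source = re.sub(r"/\*.*?\*/", "", source, flags=re.S)
    return re.sub(r"//[^\n]*", "", source)

def triage(source, compiler_version):
    """List the article's trigger conditions found in one contract source.

    compiler_version is the solc release actually used to build the contract;
    the version pragma only states a permitted range, so it is not used here.
    """
    version = parse_version(compiler_version)
    if version >= FIXED:
        return []
    code = strip_comments(source)
    findings = []
    # int, int8 ... int256 followed by [] or [N]; \b keeps uint from matching.
    if version >= SIGNED_SINCE and re.search(r"\bint\d*\s*\[", code):
        findings.append("signed-int-array")
    if re.search(r"\bpragma\s+experimental\s+ABIEncoderV2\s*;", code):
        findings.append("abiencoderv2-pragma")
        structs = re.findall(r"\bstruct\s+(\w+)", code)
        if any(re.search(rf"\b{re.escape(s)}\s*\[", code) for s in structs):
            findings.append("abiencoderv2-struct-array")
    return findings

# Constructed sample contracts (not taken from the article or from Solidity).
SAMPLE_SIGNED = "pragma solidity ^0.5.0;\ncontract A { int8[] values; uint256[] counts; }"
SAMPLE_ABI = """pragma solidity ^0.5.0;
pragma experimental ABIEncoderV2;
contract B { struct Order { uint128 id; uint128 qty; } Order[] orders; }"""
SAMPLE_CLEAN = """pragma solidity ^0.5.0;
// pragma experimental ABIEncoderV2;
contract C { uint256[] counts; /* int8[] old; */ }"""

if __name__ == "__main__":
    for name, src in [("signed", SAMPLE_SIGNED), ("abi", SAMPLE_ABI), ("clean", SAMPLE_CLEAN)]:
        print(name, triage(src, "0.5.9"))
```

The check cannot see whether storage data is passed directly to an external call, so the ABIEncoderV2 findings still need a read of the call sites.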